Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus

Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Dynamic Dashboard 跨站脚本漏洞

Dynamic Dashboard是Lara Zeus开源的一个仪表盘。 Dynamic Dashboard存在跨站脚本漏洞。攻击者利用该漏洞执行跨站脚本攻击。

N/A

N/A